This article gives several methods to spoof a Media Access Control (MAC) address.

This article gives several methods to spoof a Media Access Control (MAC) address.

−

{{Note|In the examples below is assumed the ethernet device is {{ic|eth0}}. Use {{ic|ip link}} to check your actual device name, and adjust the examples as necessary}}

+

{{Note|In the examples below is assumed the ethernet device is {{ic|enp1s0}}. Use {{ic|ip link}} to check your actual device name, and adjust the examples as necessary}}

+

== Manually ==

== Manually ==

−

There are two methods for spoofing a MAC address using either {{Pkg|iproute2}} (installed by default) or {{Pkg|macchanger}} (available on the [[Official Repositories]]).

+

+

There are two methods for spoofing a MAC address using either {{Pkg|iproute2}} (installed by default) or {{Pkg|macchanger}} (available on the [[official repositories]]).

Both of them are outlined below.

Both of them are outlined below.

=== Method 1: iproute2 ===

=== Method 1: iproute2 ===

+

First, you can check your current MAC address with the command:

First, you can check your current MAC address with the command:

−

{{bc|# ip link show eth0}}

+

# ip link show enp1s0

The section that interests us at the moment is the one that has "link/ether" followed by a 6-byte number. It will probably look something like this:

The section that interests us at the moment is the one that has "link/ether" followed by a 6-byte number. It will probably look something like this:

−

{{bc|link/ether 00:1d:98:5a:d1:3a}}

+

link/ether 00:1d:98:5a:d1:3a

The first step to spoofing the MAC address is to bring the network interface down. You must be logged in as root to do this. It can be accomplished with the command:

The first step to spoofing the MAC address is to bring the network interface down. You must be logged in as root to do this. It can be accomplished with the command:

−

{{bc|# ip link set dev eth0 down}}

+

# ip link set dev enp1s0 down

Next, we actually spoof our MAC. Any hexadecimal value will do, but some networks may be configured to refuse to assign IP addresses to a client whose MAC does not match up with a vendor. Therefore, unless you control the network(s) you are connecting to, it is a good idea to test this out with a known good MAC rather than randomizing it right away.

Next, we actually spoof our MAC. Any hexadecimal value will do, but some networks may be configured to refuse to assign IP addresses to a client whose MAC does not match up with a vendor. Therefore, unless you control the network(s) you are connecting to, it is a good idea to test this out with a known good MAC rather than randomizing it right away.

Line 30:

Line 33:

To change the MAC, we need to run the command:

To change the MAC, we need to run the command:

−

{{bc|# ip link set dev eth0 address XX:XX:XX:XX:XX:XX}}

+

# ip link set dev enp1s0 address XX:XX:XX:XX:XX:XX

Where any 6-byte value will suffice for 'XX:XX:XX:XX:XX:XX'.

Where any 6-byte value will suffice for 'XX:XX:XX:XX:XX:XX'.

Line 36:

Line 39:

The final step is to bring the network interface back up. This can be accomplished by running the command:

The final step is to bring the network interface back up. This can be accomplished by running the command:

−

{{bc|# ip link set dev eth0 up}}

+

# ip link set dev enp1s0 up

−

If you want to verify that your MAC has been spoofed, simply run {{ic|ip link show eth0}} again and check the value for 'link/ether'. If it worked, 'link/ether' should be whatever address you decided to change it to.

+

If you want to verify that your MAC has been spoofed, simply run {{ic|ip link show enp1s0}} again and check the value for 'link/ether'. If it worked, 'link/ether' should be whatever address you decided to change it to.

=== Method 2: macchanger ===

=== Method 2: macchanger ===

Line 44:

Line 47:

Another method uses {{Pkg|macchanger}} (a.k.a., the GNU MAC Changer). It provides a variety of features such as changing the address to match a certain vendor or completely randomizing it.

Another method uses {{Pkg|macchanger}} (a.k.a., the GNU MAC Changer). It provides a variety of features such as changing the address to match a certain vendor or completely randomizing it.

−

[[Pacman|Install]] the package {{Pkg|macchanger}} from the [[Official Repositories]].

+

[[Pacman|Install]] the package {{Pkg|macchanger}} from the [[official repositories]].

After this, the MAC can be spoofed with a random address. The syntax is {{ic|macchanger -r ''<device>''}}.

After this, the MAC can be spoofed with a random address. The syntax is {{ic|macchanger -r ''<device>''}}.

−

Here is an example command for spoofing the MAC address of a device named eth0.

+

Here is an example command for spoofing the MAC address of a device named enp1s0.

−

{{bc|# macchanger -r eth0}}

+

# macchanger -r enp1s0

To randomize all of the address except for the vendor bytes (that is, so that if the MAC address was checked it would still register as being from the same vendor), you would run the command:

To randomize all of the address except for the vendor bytes (that is, so that if the MAC address was checked it would still register as being from the same vendor), you would run the command:

−

{{bc|# macchanger -e eth0}}

+

# macchanger -e enp1s0

To change the MAC address to a specific value, you would run:

To change the MAC address to a specific value, you would run:

−

{{bc|1=# macchanger --mac=XX:XX:XX:XX:XX:XX eth0}}

+

# macchanger --mac=XX:XX:XX:XX:XX:XX enp1s0

Where {{ic|XX:XX:XX:XX:XX:XX}} is the MAC you wish to change to.

Where {{ic|XX:XX:XX:XX:XX:XX}} is the MAC you wish to change to.

Line 64:

Line 67:

Finally, to return the MAC address to its original, permanent hardware value:

Finally, to return the MAC address to its original, permanent hardware value:

−

{{bc|# macchanger -p eth0}}

+

# macchanger -p enp1s0

{{Note|A device cannot be in use (connected in any way or with its interface up) while the MAC address is being changed.}}

{{Note|A device cannot be in use (connected in any way or with its interface up) while the MAC address is being changed.}}

Line 70:

Line 73:

== Automatically ==

== Automatically ==

−

=== netcfg ===

+

=== Netcfg ===

−

[[Pacman|Install]] the package {{Pkg|macchanger}} from the [[Official Repositories]]. Read the [[#Method 2: macchanger]] method for more information.

+

+

{{Out of date|netcfg is deprecated, use [[netctl]] instead}}

+

+

This example uses [[#Method 2: macchanger]], so make sure that {{Pkg|macchanger}} is [[Pacman|installed]].

Put the following line in your [[netcfg]] profile to have it spoof your MAC address when it's started:

Put the following line in your [[netcfg]] profile to have it spoof your MAC address when it's started:

−

{{bc|1=PRE_UP='macchanger -e wlan0'}}

+

PRE_UP='macchanger -e enp1s0'

−

You may have to replace {{ic|wlan0}} with your interface name.

+

You may have to replace {{ic|enp1s0}} with your interface name.

=== Systemd unit ===

=== Systemd unit ===

−

{{hc|/etc/systemd/system/macspoof@.service|

+

This example uses [[#Method 1: iproute2]].

+

+

{{hc|/etc/systemd/system/macspoof@.service|<nowiki>

[Unit]

[Unit]

−

Description&#61;MAC address change %I

+

Description=MAC address change %I

−

Before&#61;dhcpcd@%i.service

+

Before=dhcpcd@%i.service

[Service]

[Service]

−

Type&#61;oneshot

+

Type=oneshot

−

ExecStart&#61;/usr/sbin/ip link set dev %i address 36:aa:88:c8:75:3a

+

ExecStart=/usr/bin/ip link set dev %i address 36:aa:88:c8:75:3a

−

ExecStart&#61;/usr/sbin/ip link set dev %i up

+

ExecStart=/usr/bin/ip link set dev %i up

[Install]

[Install]

−

WantedBy&#61;network.target}}

+

WantedBy=network.target

−

You may have to edit this file if you do not use dhcpcd.

+

</nowiki>}}

−

{{Note|This works without netcfg. If you are using netcfg, see above.}}

+

+

You may have to edit this file if you do not use [[dhcpcd]].

=== Systemd unit using random address ===

=== Systemd unit using random address ===

−

A unit featuring random address, which requires macchanger:

+

−

{{hc|/etc/systemd/system/macchanger@.service|

+

This example uses [[#Method 2: macchanger]], so make sure that {{Pkg|macchanger}} is [[Pacman|installed]].

+

+

{{hc|/etc/systemd/system/macchanger@.service|<nowiki>

[Unit]

[Unit]

−

Description&#61;Macchanger service for %I

+

Description=Macchanger service for %I

−

Documentation&#61;man:macchanger(1)

+

Documentation=man:macchanger(1)

[Service]

[Service]

−

ExecStart&#61;/usr/bin/macchanger -e %I

+

ExecStart=/usr/bin/macchanger -e %I

−

Type&#61;oneshot

+

Type=oneshot

[Install]

[Install]

−

WantedBy&#61;multi-user.target}}

+

WantedBy=multi-user.target

+

</nowiki>}}

== See also ==

== See also ==

−

* [http://www.alobbs.com/macchanger macchanger project page]

+

* [http://www.alobbs.com/macchanger Macchanger project page]

−

* [http://www.debianadmin.com/change-your-network-card-mac-media-access-control-address.html Article on DebianAdmin] with more macchanger options.

+

* [http://www.debianadmin.com/change-your-network-card-mac-media-access-control-address.html Article on DebianAdmin] with more macchanger options

Method 1: iproute2

The section that interests us at the moment is the one that has "link/ether" followed by a 6-byte number. It will probably look something like this:

link/ether 00:1d:98:5a:d1:3a

The first step to spoofing the MAC address is to bring the network interface down. You must be logged in as root to do this. It can be accomplished with the command:

# ip link set dev enp1s0 down

Next, we actually spoof our MAC. Any hexadecimal value will do, but some networks may be configured to refuse to assign IP addresses to a client whose MAC does not match up with a vendor. Therefore, unless you control the network(s) you are connecting to, it is a good idea to test this out with a known good MAC rather than randomizing it right away.

To change the MAC, we need to run the command:

# ip link set dev enp1s0 address XX:XX:XX:XX:XX:XX

Where any 6-byte value will suffice for 'XX:XX:XX:XX:XX:XX'.

The final step is to bring the network interface back up. This can be accomplished by running the command:

# ip link set dev enp1s0 up

If you want to verify that your MAC has been spoofed, simply run ip link show enp1s0 again and check the value for 'link/ether'. If it worked, 'link/ether' should be whatever address you decided to change it to.

Method 2: macchanger

Another method uses macchanger (a.k.a., the GNU MAC Changer). It provides a variety of features such as changing the address to match a certain vendor or completely randomizing it.